Описание
Security update for GraphicsMagick
This update for GraphicsMagick fixes the following issues:
These vulnerabilities could be triggered by processing specially crafted image files, which could lead to a process crash or resource consumtion, or potentially have unspecified futher impact.
- CVE-2016-8684: Mismatch between real filesize and header values (bsc#1005123)
- CVE-2016-8683: Check that filesize is reasonable compared to the header value (bsc#1005127)
- CVE-2016-8682: Stack-buffer read overflow while reading SCT header (bsc#1005125)
- CVE-2016-7996, CVE-2016-7997: WPG Reader Issues (bsc#1003629)
- CVE-2016-7800: 8BIM/8BIMW unsigned underflow leads to heap overflow (bsc#1002422)
- CVE-2016-7537: Out of bound access for corrupted pdb file (bsc#1000711)
- CVE-2016-7533: Wpg file out of bound for corrupted file (bsc#1000707)
- CVE-2016-7531: Pbd file out of bound access (bsc#1000704)
- CVE-2016-7529: Out-of-bound in quantum handling (bsc#1000399)
- CVE-2016-7528: Out-of-bound access in xcf file coder (bsc#1000434)
- CVE-2016-7527: Out-of-bound access in wpg file coder: (bsc#1000436)
- CVE-2016-7524: AddressSanitizer:heap-buffer-overflow READ of size 1 in meta.c:465 (bsc#1000700)
- CVE-2016-7522: Out of bound access for malformed psd file (bsc#1000698)
- CVE-2016-7519: Out-of-bounds read in coders/rle.c (bsc#1000695)
- CVE-2016-7517: Out-of-bounds read in coders/pict.c (bsc#1000693)
- CVE-2016-7516: Out-of-bounds problem in rle, pict, viff and sun files (bsc#1000692)
- CVE-2016-7515: Rle file handling for corrupted file (bsc#1000689)
- CVE-2016-7446 CVE-2016-7447 CVE-2016-7448 CVE-2016-7449: various issues fixed in 1.3.25 (bsc#999673)
- CVE-2016-7101: SGI Coder Out-Of-Bounds Read Vulnerability (bsc#1001221)
- CVE-2016-6823: BMP Coder Out-Of-Bounds Write Vulnerability (bsc#1001066)
- CVE-2015-8958: Potential DOS in sun file handling due to malformed files (bsc#1000691)
- CVE-2015-8957: Buffer overflow in sun file handling (bsc#1000690)
- Divide by zero in WriteTIFFImage (bsc#1002206)
- Buffer overflows in SIXEL, PDB, MAP, and TIFF coders (bsc#1002209)
Список пакетов
SUSE Linux Enterprise Software Development Kit 11 SP4
SUSE Studio Onsite 1.3
Ссылки
- Link for SUSE-SU-2016:2724-1
- E-Mail link for SUSE-SU-2016:2724-1
- SUSE Security Ratings
- SUSE Bug 1000399
- SUSE Bug 1000434
- SUSE Bug 1000436
- SUSE Bug 1000689
- SUSE Bug 1000690
- SUSE Bug 1000691
- SUSE Bug 1000692
- SUSE Bug 1000693
- SUSE Bug 1000695
- SUSE Bug 1000698
- SUSE Bug 1000700
- SUSE Bug 1000704
- SUSE Bug 1000707
- SUSE Bug 1000711
- SUSE Bug 1001066
- SUSE Bug 1001221
- SUSE Bug 1002206
Описание
Buffer overflow in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (application crash) via a crafted SUN file.
Затронутые продукты
Ссылки
- CVE-2015-8957
- SUSE Bug 1000690
- SUSE Bug 1000691
Описание
coders/sun.c in ImageMagick before 6.9.0-4 Beta allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted SUN file.
Затронутые продукты
Ссылки
- CVE-2015-8958
- SUSE Bug 1000690
- SUSE Bug 1000691
- SUSE Bug 1000694
- SUSE Bug 1028079
Описание
Integer overflow in the BMP coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (crash) via crafted height and width values, which triggers an out-of-bounds write.
Затронутые продукты
Ссылки
- CVE-2016-6823
- SUSE Bug 1001066
- SUSE Bug 1002207
Описание
The SGI coder in ImageMagick before 7.0.2-10 allows remote attackers to cause a denial of service (out-of-bounds read) via a large row value in an sgi file.
Затронутые продукты
Ссылки
- CVE-2016-7101
- SUSE Bug 1001221
- SUSE Bug 1002207
Описание
Buffer overflow in the MVG and SVG rendering code in GraphicsMagick 1.3.24 allows remote attackers to have unspecified impact via unknown vectors. Note: This vulnerability exists due to an incomplete patch for CVE-2016-2317.
Затронутые продукты
Ссылки
- CVE-2016-7446
- SUSE Bug 999673
Описание
Heap-based buffer overflow in the EscapeParenthesis function in GraphicsMagick before 1.3.25 allows remote attackers to have unspecified impact via unknown vectors.
Затронутые продукты
Ссылки
- CVE-2016-7447
- SUSE Bug 999673
Описание
The Utah RLE reader in GraphicsMagick before 1.3.25 allows remote attackers to cause a denial of service (CPU consumption or large memory allocations) via vectors involving the header information and the file size.
Затронутые продукты
Ссылки
- CVE-2016-7448
- SUSE Bug 999673
Описание
The TIFFGetField function in coders/tiff.c in GraphicsMagick 1.3.24 allows remote attackers to cause a denial of service (out-of-bounds heap read) via a file containing an "unterminated" string.
Затронутые продукты
Ссылки
- CVE-2016-7449
- SUSE Bug 999673
Описание
The ReadRLEImage function in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the number of pixels.
Затронутые продукты
Ссылки
- CVE-2016-7515
- SUSE Bug 1000689
- SUSE Bug 1000695
Описание
The ReadVIFFImage function in coders/viff.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted VIFF file.
Затронутые продукты
Ссылки
- CVE-2016-7516
- SUSE Bug 1000692
- SUSE Bug 1000693
- SUSE Bug 1000695
Описание
The EncodeImage function in coders/pict.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PICT file.
Затронутые продукты
Ссылки
- CVE-2016-7517
- SUSE Bug 1000693
Описание
The ReadRLEImage function in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
Затронутые продукты
Ссылки
- CVE-2016-7519
- SUSE Bug 1000689
- SUSE Bug 1000695
Описание
The ReadPSDImage function in MagickCore/locale.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted PSD file.
Затронутые продукты
Ссылки
- CVE-2016-7522
- SUSE Bug 1000698
Описание
coders/meta.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
Затронутые продукты
Ссылки
- CVE-2016-7524
- SUSE Bug 1000700
- SUSE Bug 1002422
Описание
coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted file.
Затронутые продукты
Ссылки
- CVE-2016-7527
- SUSE Bug 1000436
- SUSE Bug 1000702
Описание
The ReadVIFFImage function in coders/viff.c in ImageMagick allows remote attackers to cause a denial of service (segmentation fault) via a crafted VIFF file.
Затронутые продукты
Ссылки
- CVE-2016-7528
- SUSE Bug 1000434
Описание
coders/xcf.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted XCF file.
Затронутые продукты
Ссылки
- CVE-2016-7529
- SUSE Bug 1000399
- SUSE Bug 1000434
- SUSE Bug 1000703
- SUSE Bug 1054924
Описание
MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted PDB file.
Затронутые продукты
Ссылки
- CVE-2016-7531
- SUSE Bug 1000704
Описание
The ReadWPGImage function in coders/wpg.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted WPG file.
Затронутые продукты
Ссылки
- CVE-2016-7533
- SUSE Bug 1000707
Описание
MagickCore/memory.c in ImageMagick allows remote attackers to cause a denial of service (out-of-bounds access) via a crafted PDB file.
Затронутые продукты
Ссылки
- CVE-2016-7537
- SUSE Bug 1000711
Описание
Integer underflow in the parse8BIM function in coders/meta.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted 8BIM chunk, which triggers a heap-based buffer overflow.
Затронутые продукты
Ссылки
- CVE-2016-7800
- SUSE Bug 1002422
Описание
Heap-based buffer overflow in the WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to have unspecified impact via a colormap with a large number of entries.
Затронутые продукты
Ссылки
- CVE-2016-7996
- SUSE Bug 1003629
- SUSE Bug 1067184
Описание
The WPG format reader in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service (assertion failure and crash) via vectors related to a ReferenceBlob and a NULL pointer.
Затронутые продукты
Ссылки
- CVE-2016-7997
- SUSE Bug 1003629
Описание
The ReadSCTImage function in coders/sct.c in GraphicsMagick 1.3.25 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted SCT header.
Затронутые продукты
Ссылки
- CVE-2016-8682
- SUSE Bug 1005125
Описание
The ReadPCXImage function in coders/pcx.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file."
Затронутые продукты
Ссылки
- CVE-2016-8683
- SUSE Bug 1005127
Описание
The MagickMalloc function in magick/memory.c in GraphicsMagick 1.3.25 allows remote attackers to have unspecified impact via a crafted image, which triggers a memory allocation failure and a "file truncation error for corrupt file."
Затронутые продукты
Ссылки
- CVE-2016-8684
- SUSE Bug 1005123